Over the last two weeks, we saw new LinkedIn scams in which cybercriminals attack when we may be at our most vulnerable. Here's what to look out for and how to avoid falling victim to fraud when using the platform. Also, check out "The Strange Link Between A Destructive Malware And A Ransomware-Gang Linked Custom Loader: IsaacWiper Vs Vatet".
For more articles, check out our #onpatrol4malware blog.
Raspberry Robin gets the worm early
Source: Red Canary
Red Canary is tracking a worm spread by external drives that leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL. Read more.
Common LinkedIn scams: Beware of phishing attacks and fake job offers
Source: WeLiveSecurity
LinkedIn scammers attack when we may be at our most vulnerable – here’s what to look out for and how to avoid falling victim to fraud when using the platform. Read more.
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Source: MalwarebitesLABS
Agent Tesla is a well-known data stealer written in .NET that has been active since 2014 and is perhaps one of the most popular payloads observed in malspam campaigns. Read more.
Mustang Panda deploys a new wave of malware targeting Europe
Source: Cisco Talos
This attacker started attacks earlier this year in which the vast majority of the lures and decoys used themes related to the European Union (EU). Read more.
The Strange Link Between A Destructive Malware And A Ransomware-Gang Linked Custom Loader: IsaacWiper Vs Vatet
Source: Cluster25
On March 1st, 2022, ESET researchers reported variants of a destructive malware deployed against Ukraine. Read more.
Operation CuckooBees: A Winnti Malware Arsenal Deep-Dive
Source: Cybereason
In part one of this research, the Cybereason Nocturnus Incident Response Team provided a unique glimpse into the Winnti intrusion playbook. Read more.
The Lotus Panda is Awake, Again. Analysis Of Its Last Strike.
Source: Cluster25
NAIKON is the name of an APT (Advanced Persistent Threat) which is believed to originate from China. The Naikon hacker group was first tracked over a decade ago, back in 2010. Read more.